This Week in Compliance: SFO decides against appeal in ENRC privilege case

by GAN Integrity on October 5th, 2018

This Week in Compliance: SFO decides against appeal in ENRC privilege case

Here’s what’s been going on in the compliance world this week:

Business

SFO decides against appeal in ENRC privilege case, as ENRC calls for judicial review of probe: The UK’s Serious Fraud Office (SFO) announced on Tuesday that it will not appeal a judgment concerning the scope of legal professional privilege rendered last month by a UK court. The judgment allowed mining firm ENRC to keep internal documents from the prosecutorial agency. That ruling overturned an earlier court decision that severely worried lawyers and in-house counsel because of fears that internal investigations into allegations of wrongdoing could create a paper trail that would need to be handed over to prosecutors. The SFO’s new director, Lisa Osofsky, has now decided that the agency will not move forward with an appeal to the Supreme court, but Osofsky warned that the agency will continue to assess the merits of privilege claims in the future. In related news, ENRC demanded a review of the SFO’s handling of evidence and any unauthorized contact between prosecutors and the miner’s former lawyers at Dechert in the probe. Law firm Dechert has denied the allegations made by ENRC. ENRC also claims that the SFO misplaced a notebook belonging to a former lead investigator that the firm claims shows that the investigator originally thought in 2011 there was no criminal case to be made.

Medical device company Stryker resolves second FCPA enforcement action: The U.S. Securities and Exchange Commission (SEC) announced last Friday that medical device maker Stryker Corp. agreed to pay USD 7.8 million in penalties to resolve FCPA charges. The charges pertain to violations of the FCPA’s books and records provisions in India, China, and Kuwait. The SEC said that Stryker’s internal controls were not adequate “to detect the risk of improper payments”. In China, for example, the SEC found that at least 21 of Stryker’s sub-distributors for its Sonopet product weren’t vetted, approved, or trained, as required by the company’s policies. This enforcement action is the second FCPA action the SEC has brought against the company. In 2013, the company paid the SEC USD 13.2 million to resolve FCPA violations in five countries where it had bribed doctors and administrators at government-controlled hospitals.

Facebook liable for fine of up to USD 1.63 billion for EU data breach: Ireland’s Data Protection Commission (DPC) announced on Wednesday that it has formally opened an investigation into last week’s data breach that affected nearly 50 million users. The DPC is tasked with enforcing the GDPR, the new European privacy directive, in Ireland. Under GDPR rules, a company may be liable for fines of up to 2 percent of its worldwide annual revenue of the prior year. However, such a high fine has been described as unlikely, but the case is nonetheless being watched closely since it is the first major GDPR investigation.

SFO charges third individual in seismology bribery case: A third former executive at Güralp Systems Limited has been charged with conspiracy to bribe a former official. The charges follow charges made against the company’s founder and another top executive in August. The SFO alleges that the individuals conspired to bribe officials at the Korea Institute of Geoscience and Mineral Resources (KIGAM). KIGAM’s former director was sentenced to 14 months in prison in the U.S. last year over related charges. The U.S. DOJ declined to prosecute Güralp Systems in August since the company voluntarily disclosed the misconduct and undertook “significant remedial efforts”. The DOJ also said earlier this year that it would avoid “piling on” when parallel investigations are underway.

Government

Wife of former Malaysian prime minister arrested in conncetion to 1MDB scandals: Rosmah Mansor, wife of former Malaysian prime minister Najib Razak, was arrested this week and charged with 17 counts of money laundering and tax evasion. Mansor pleaded not guilty to all the charges. The charges follow the 25 additional charges lobbed against Razak two weeks ago. The country’s new prime minister, Mahathir Mohamad, opened an investigation into allegations of large-scale embezzlement of funds from state development fund 1MDB back in May, shortly after this election. The U.S. DOJ has since alleged that at least USD 4.5 billion was misappropriated from the fund.

SFO attempts to recover assets from daughter of late Uzbek president: The UK’s Serious Fraud Office is pursuing an asset recovery claim against Gulnara Karimova, the daughter of late Uzbek President Islam Karimov, and Rustam Madumarov, her long-time boyfriend. Karimova has been alleged to have taken at least USD 300 million in bribes from Swedish telecom operator Telia and Netherlands-based VimpelCom. Telia resolved FCPA charges last year for USD 965 million and Vimpelcom settled FCPA charges for USD 795 with U.S. and Dutch authorities in 2016. Karimova has been under house arrest in Tashkent since 2014 and was convicted of embezzlement in Uzbekistan in 2017.

Noteworthy

German media reports on Siemens bribery in China: A new report in the Süddeutsche Zeitung (SZ) this week dug deep into dozens of bribery and corruption judgments in China involving multinational engineering firm Siemens. Many of the conduct uncovered relates to events that allegedly took place after Siemens paid USD 1.6 billion in fines to settle charges with U.S. and European authorities in 2008 over wide-ranging bribery in half a dozen countries. One example is a case dated May 2012 where a Siemens sales representative was convicted of paying close to a million dollars in bribes to the director of a hospital in Qinzhou in order to win a contract worth USD 5.8 million. Siemens has denied that the company supported its sales rep, “Mr. Jin”, or provided money for the bribes.

Building a comprehensive structure for your compliance program is essential to effectively and efficiently mitigate risk. And while risks vary from one company to another based on industry, location, and partners – thereby disqualifying any one-size-fits-all compliance program – the underlying structure of a program can, to a reasonable extent, be broken down into a set of components.